Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch, today announced enhancements across the Elastic Search Platform and its solutions. These enhancements enable customers to stop advanced cyber threats with new prebuilt detections and data source integrations, and accelerate application development with deeper visibility into serverless architectures and continuous integration and continuous delivery (CI/CD) pipelines.
Preventing sophisticated cyber attacks and extending visibility across organizations
New prebuilt detections and host-based malicious behavior protections, both generally available, automate protection against sophisticated attacks, such as exploitation of Log4j and the Blister malware campaign, to help customers streamline security investigations and mitigate risk without diminishing visibility.
Customers can also now leverage Elastic Agent to collect and normalize network activity from an unlimited number of Windows, macOS, and Linux systems, helping security practitioners monitor for suspicious activity and gather valuable forensic insights within and beyond the network perimeter.
In addition, Elastic added new data source integrations with Recorded Future, ThreatQuotient ThreatQ, and Cybersixgill to streamline the ingestion of threat intelligence and help analysts automate detections, improve prioritization, and accelerate threat analysis.
Accelerating application development with deeper visibility into AWS Lambda and CI/CD pipelines
With enhanced end-to-end application performance monitoring visibility, customers can now collect traces from AWS Lambda, in beta, and correlate those traces with other Elastic Observability data—including from CI/CD environments—for faster and more comprehensive root cause analysis.
Additionally, support for OpenTelemetry logs, also in beta, enables organizations that use OpenTelemetry for traces and metrics to standardize data collection across all data types. The ability to ingest OpenTelemetry logs provides customers an opportunity to deploy a standardized, vendor-neutral observability architecture without losing correlation between signal types and layers.
Delivering faster time to insights and improved storage efficiency
Now generally available, the ability to enable doc-value-only fields gives customers the flexibility to index data faster while improving storage efficiency. With this new capability, customers can benefit from up to 20% faster indexing speeds and 20% lower data storage requirements, ultimately helping them accelerate time to insights while balancing cost and performance.
Customers can also leverage several new ad hoc analytics capabilities in Kibana Lens to enhance data exploration, including three new visualization types—gauge, waffle, and mosaic—and a new drag-and-drop capability to combine and compare multiple fields.